Monthly Archive: May 2005

The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote attackers to bypass HTTP Server mod_access restrictions via a request to the webcache TCP port 7778. Date published...

The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files via a full pathname in the cache_dump_file parameter. Date published : 2005-05-02 http://www.securityfocus.com/bid/13420 http://marc.info/?l=bugtraq&m=111472615519295&w=2

Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote attackers to inject arbitrary web script or HTML via the (1) cache_dump_file or (2) PartialPageErrorPage parameter. Date published : 2005-05-02 http://www.securityfocus.com/bid/13421 http://www.securityfocus.com/bid/13422

Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote attackers to execute arbitrary web script or HTML via the server parameter to a JndiFramesetAction action. Date published : 2005-05-02 http://www.securityfocus.com/bid/13400 http://marc.info/?l=bugtraq&m=111472745503010&w=2

The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges. Date published : 2005-05-02 http://www.securityfocus.com/bid/13431 http://marc.info/?l=bugtraq&m=111472262231060&w=2

SQL injection vulnerability in posting_notes.php in the notes module for phpBB allows remote attackers to execute arbitrary SQL commands via the p parameter, which is used in the $post_id variable, and other attack vectors....

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary PHP code via unknown vectors. Date published : 2005-05-02 http://www.securityfocus.com/bid/13407 http://marc.info/?l=bugtraq&m=111464607103407&w=2

Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files. Date published : 2005-05-02 http://www.securityfocus.com/bid/13407...

Multiple SQL injection vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary SQL commands via (1) learningPath.php, (2) learningPathAdmin.php, (3) learnPath_details.php, (4) modules_pool.php, (5) module.php,...

Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to inject arbitrary web script or HTML via (1) exercise_result.php, (2) exercice_submit.php, (3) agenda.php, (4)...

Multiple SQL injection vulnerabilities in index.php in Dream4 Koobi CMS 4.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) q or (2) p parameters. Date published : 2005-05-02 http://www.securityfocus.com/bid/13412 http://www.securityfocus.com/bid/13413

nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu. Date published : 2005-05-02 http://www.securityfocus.com/bid/13408 http://marc.info/?l=bugtraq&m=111464410324243&w=2

BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before opening files through the Help menu, which allows local users to gain privileges. Date published : 2005-05-02 http://www.securityfocus.com/bid/13410 http://marc.info/?l=bugtraq&m=111464474828477&w=2

Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView Radia Management Portal (RMP) 1.x and 2.x allows remote attackers to execute arbitrary commands via unknown vectors. Date published : 2005-05-02 http://www.securityfocus.com/bid/13414 http://marc.info/?l=bugtraq&m=111471365231909&w=2